javasslx509certificatepublic-key-encryptionprivate-key

Using Java to Encrypt a private key


I have a generated a private key using CertAndKeyGen class. Now I want to encrypt the private key with a password and use it as key while starting PostgreSQL server. How can I write the Java code to encrypt the private key? Below is my code I use to generate Private Key.

    CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
    PrivateKey privKey = keypair.getPrivateKey();

Solution

  • public class KeyEncryptExample {
    
        public static void main(String[] args) {
            try {
                String key = "mariahussain"; // needs to be at least 8 characters for DES
    
                FileInputStream fis = new FileInputStream("C:/Users/hussain.a/Desktop/original.txt");
                FileOutputStream fos = new FileOutputStream("C:/Users/hussain.a/Desktop/encrypted.txt");
                encrypt(key, fis, fos);
    
                FileInputStream fis2 = new FileInputStream("C:/Users/hussain.a/Desktop/encrypted.txt");
                FileOutputStream fos2 = new FileOutputStream("C:/Users/hussain.a/Desktop/decrypted.txt");
                decrypt(key, fis2, fos2);
            } catch (Throwable e) {
                e.printStackTrace();
            }
        }
    
        public static void encrypt(String key, InputStream is, OutputStream os) throws Throwable {
            encryptOrDecrypt(key, Cipher.ENCRYPT_MODE, is, os);
        }
    
        public static void decrypt(String key, InputStream is, OutputStream os) throws Throwable {
            encryptOrDecrypt(key, Cipher.DECRYPT_MODE, is, os);
        }
    
        public static void encryptOrDecrypt(String key, int mode, InputStream is, OutputStream os) throws Throwable {
    
            DESKeySpec dks = new DESKeySpec(key.getBytes());
            SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
            SecretKey desKey = skf.generateSecret(dks);
            Cipher cipher = Cipher.getInstance("DES"); // DES/ECB/PKCS5Padding for SunJCE
    
            if (mode == Cipher.ENCRYPT_MODE) {
                cipher.init(Cipher.ENCRYPT_MODE, desKey);
                CipherInputStream cis = new CipherInputStream(is, cipher);
                doCopy(cis, os);
            } else if (mode == Cipher.DECRYPT_MODE) {
                cipher.init(Cipher.DECRYPT_MODE, desKey);
                CipherOutputStream cos = new CipherOutputStream(os, cipher);
                doCopy(is, cos);
            }
        }
    
        public static void doCopy(InputStream is, OutputStream os) throws IOException {
            byte[] bytes = new byte[64];
            int numBytes;
            while ((numBytes = is.read(bytes)) != -1) {
                os.write(bytes, 0, numBytes);
            }
            os.flush();
            os.close();
            is.close();
        }
    
    }